Preservation of Privacy in Thwarting the Ballot Stuffing Scheme

Users of an online trading system rely on Reputation Systems to better judge whom should be trusted and to what degree. This is achieved through users building up reputations in the system. In these types of environments, it has been shown that users with good reputations do more business than users with bad reputations. The ballot stuffing scheme exploits this and has fraudulent users placing a number of false bids in an attempt to better the reputation of a single user. Though previous research has dealt with thwarting the one man ballot stuffing scheme, the issue of privacy was neglected. The solution proposed relied on looking up the coordinates of a user who is a cellular phone holder. Upon placing a bid, the user's geographical coordinates are compared to the coordinates of other users involved in the transaction. If the users were within a predefined distance to one another, the transaction was marked as suspicious. This mechanism relies on storing the coordinates of a user over time and, from a privacy perspective, is unacceptable. The intention of this paper is to propose several solutions that attempt to safeguard the privacy of all users involved when calculating the distance between two cellular phone holders, i.e., thwarting the one man ballot stuffing scheme. We discuss solutions that cater for service providers who may be willing or unwilling to participate in safeguarding the privacy of their users. These techniques include Secure Multi-party Computation, polynomial interpolation and the addition of untrusted third parties.

[1]  Oded Goldreich,et al.  Foundations of Cryptography: Volume 2, Basic Applications , 2004 .

[2]  Moni Naor,et al.  Communication preserving protocols for secure function evaluation , 2001, STOC '01.

[3]  Andrew Chi-Chih Yao,et al.  Protocols for Secure Computations (Extended Abstract) , 1982, FOCS.

[4]  Luo,et al.  Privacy-Preserving Distance Measurement and Its Applications , 2006 .

[5]  Gilles Brassard,et al.  All-or-Nothing Disclosure of Secrets , 1986, CRYPTO.

[6]  Shundong Li,et al.  Secure Two-Party Computational Geometry , 2005, Journal of Computer Science and Technology.

[7]  Chris Clifton,et al.  Secure set intersection cardinality with application to association rule mining , 2005, J. Comput. Secur..

[8]  Wenliang Du,et al.  A practical approach to solve Secure Multi-party Computation problems , 2002, NSPW '02.

[9]  Paul Resnick,et al.  Reputation systems , 2000, CACM.

[10]  Andrew Chi-Chih Yao,et al.  Protocols for secure computations , 1982, FOCS 1982.

[11]  Martin S. Olivier,et al.  On bidder zones, cell phones and ballot stuffing , 2006, ISSA.

[12]  Chris Clifton,et al.  Leveraging the "Multi" in secure multi-party computation , 2003, WPES '03.

[13]  David Chaum,et al.  Multiparty unconditionally secure protocols , 1988, STOC '88.

[14]  Eike Kiltz,et al.  Secure Computation of the Mean and Related Statistics , 2005, IACR Cryptol. ePrint Arch..

[15]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[16]  Dai Yiqi,et al.  Secure Multi-Party Computation of Set-Inclusion and Graph-Inclusion , 2005 .

[17]  Philip Robinson,et al.  Privacy, Security and Trust within the Context of Pervasive Computing (The Kluwer International Series in Engineering and Computer Science) , 2004 .

[18]  Andreas Heinemann,et al.  Survey on Location Privacy in Pervasive Computing , 2005 .

[19]  Paul Resnick,et al.  The value of reputation on eBay: A controlled experiment , 2002 .

[20]  Mikhail J. Atallah,et al.  A secure protocol for computing dot-products in clustered and distributed environments , 2002, Proceedings International Conference on Parallel Processing.

[21]  Wenliang Du,et al.  Secure multi-party computation problems and their applications: a review and open problems , 2001, NSPW '01.

[22]  Andrew Chi-Chih Yao,et al.  How to Generate and Exchange Secrets (Extended Abstract) , 1986, FOCS.